Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: ability to block based upon TCP SYN rate #815

Open
cdanis opened this issue May 29, 2020 · 2 comments
Open

Feature request: ability to block based upon TCP SYN rate #815

cdanis opened this issue May 29, 2020 · 2 comments
Labels
enhancement

Comments

@cdanis
Copy link

cdanis commented May 29, 2020

It would be great if we were able to set an attack detection threshold based upon TCP SYN pps.

It'd be even better if we were also able to dump out the source IPs or subnets that were over the threshold and automatically create flowspec rules or similar, but of course that seems much harder.
@pavel-odintsov
Copy link
Owner

pavel-odintsov commented May 30, 2020
edited
Loading

Hello!

Thank you for idea! I'll tag it as new feature.

@pavel-odintsov
Copy link
Owner

We have this option in Advanced version: https://fastnetmon.com/docs-fnm-advanced/fastnetmon-threshold-types/

At some point we may add it in Community one too.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cdanis @pavel-odintsov